Difference between revisions of "Joint Threat Research Intelligence Group"

From Wikispooks
Jump to navigation Jump to search
(image)
(add document excerpt)
 
Line 10: Line 10:
 
|powerbase=http://www.powerbase.info/index.php/Joint_Threat_Research_Intelligence_Group
 
|powerbase=http://www.powerbase.info/index.php/Joint_Threat_Research_Intelligence_Group
 
|description=Subunit of GCHQ that uses deception, dirty tricks, fake news to discredit people on the internet to "deny, disrupt, degrade and deceive".}}
 
|description=Subunit of GCHQ that uses deception, dirty tricks, fake news to discredit people on the internet to "deny, disrupt, degrade and deceive".}}
The '''Joint Threat Research Intelligence Group''' (JTRIG) is a unit of the [[Government Communications Headquarters]] (GCHQ), the UK [[intelligence agency]].<ref name="bbc1">{{cite web|title=Snowden leaks: GCHQ 'attacked Anonymous' hackers|url=http://www.bbc.co.uk/news/technology-26049448|publisher=[[BBC]]|accessdate=7 February 2014|date=5 February 2014}}</ref>  
+
The '''Joint Threat Research Intelligence Group''' (JTRIG) is a unit of the [[Government Communications Headquarters]] (GCHQ), the UK [[intelligence agency]].<ref name="bbc1">http://www.bbc.co.uk/news/technology-26049448</ref>  
  
 
==Discovery==
 
==Discovery==
The group became public knowledge after the [[Edward Snowden Affair]] as it is mentioned in documents he publicised.<ref name=NBCFeb14>{{cite web|title=Snowden Docs: British Spies Used Sex and 'Dirty Tricks'|url=http://www.nbcnews.com/news/investigations/snowden-docs-british-spies-used-sex-dirty-tricks-n23091|publisher=[[NBC News]]|accessdate=7 February 2014|date=7 February 2014}}</ref>  
+
The group became public knowledge after the [[Edward Snowden Affair]] as it is mentioned in documents he publicised.<ref name=NBCFeb14>http://www.nbcnews.com/news/investigations/snowden-docs-british-spies-used-sex-dirty-tricks-n23091</ref>  
  
 
== Mission ==
 
== Mission ==
The scope of the JTRIG's mission includes using "dirty tricks" to "destroy, deny, degrade [and] disrupt" enemies by "discrediting" them, planting misinformation and shutting down their communications.<ref name=NBCFeb14/><ref>{{cite web|url=https://firstlook.org/theintercept/2014/02/24/jtrig-manipulation/|title=How Covert Agents Infiltrate the Internet to Manipulate, Deceive, and Destroy Reputations|author=Glenn Greenwald|publisher=The Intercept|date=2014-02-24}} - contains the DISRUPTION Operational Playbook slide presentation by GCHQ</ref> Known as "Effects" operations, the work of JTRIG had become a "major part" of GCHQ's operations by 2010.
+
The scope of the JTRIG's mission includes using "dirty tricks" to "destroy, deny, degrade [and] disrupt" enemies by "discrediting" them, planting misinformation and shutting down their communications.<ref name=NBCFeb14/><ref>https://firstlook.org/theintercept/2014/02/24/jtrig-manipulation/</ref> Known as "Effects" operations, the work of JTRIG had become a "major part" of GCHQ's operations by 2010.<ref>https://www.theregister.co.uk/2014/02/07/snowden_documents_show_british_digital_spies_using_viruses_and_honey_traps/</ref>
  
 
==Activities==
 
==Activities==
A document published by [[Glen Greenwald]] details a long list of [[software]] packages, some operational, some planned, for [[mass surveillance]] and other [[cyberespionage]] purposes.
+
A document published by [[Glen Greenwald]] details a long list of [[software]] packages, some operational, some planned, for [[mass surveillance]] and other [[cyberespionage]] purposes.<ref>https://firstlook.org/theintercept/document/2014/07/14/jtrig-tools-techniques/</ref>
<ref>https://firstlook.org/theintercept/document/2014/07/14/jtrig-tools-techniques/</ref>
 
  
 
Documents leaked by Edward Snowden reveal that JTRIG use [[computer viruses]] to make people's computers unusable, including encrypting of deleting files or emails.<ref>https://www.theregister.co.uk/2014/02/07/snowden_documents_show_british_digital_spies_using_viruses_and_honey_traps/</ref><ref>http://msnbcmedia.msn.com/i/msnbc/sections/news/snowden_cyber_offensive1_nbc_document.pdf</ref>
 
Documents leaked by Edward Snowden reveal that JTRIG use [[computer viruses]] to make people's computers unusable, including encrypting of deleting files or emails.<ref>https://www.theregister.co.uk/2014/02/07/snowden_documents_show_british_digital_spies_using_viruses_and_honey_traps/</ref><ref>http://msnbcmedia.msn.com/i/msnbc/sections/news/snowden_cyber_offensive1_nbc_document.pdf</ref>
+
 
According to documents released to NBC News by [[Edward Snowden]], JTRIG's role is to "deny, disrupt, degrade and deceive". This includes use of [[DDOS]] attacks on chatrooms.<ref>https://www.theregister.co.uk/2014/02/07/snowden_documents_show_british_digital_spies_using_viruses_and_honey_traps/</ref>
+
A 2011 report on JTRIG activities lists some of the “cyber-techniques” used<ref>https://theintercept.com/document/2015/06/22/behavioural-science-support-jtrig/</ref>:
 +
 
 +
{{QB|JTRIG's campaigns fall into two broad categories: [[cyber attacks]] and [[propaganda]]. Propaganda efforts (referred to as Online Covert Action, "Online Coverage Action") use massive messaging and storytelling on social platforms [[Twitter]], [[Flickr]], [[Facebook]] and [[YouTube]]. The JTRIG also used "[[false flag]]" operations against certain targets. Likewise, he edited photos on social media, and sent emails and texts containing “shady information” to co-workers and neighbors of targeted people.
 +
 
 +
All of JTRIG’s operations are conducted using cyber technology. Staff described a range of methods/techniques that have been used to-date for conducting effects operations. These included:
 +
* Uploading [[YouTube]] videos containing “persuasive” communications (to discredit, promote distrust, dissuade, deter, delay or disrupt)
 +
* Setting up [[Facebook]] groups, forums, [[blogs]] and [[Twitter]] accounts that encourage and monitor discussion on a topic (to discredit, promote distrust, dissuade, deter, delay or disrupt)
 +
* Establishing online aliases/personalities who support the communications or messages in YouTube videos, Facebook groups, forums, blogs etc
 +
* Establishing [[online aliases]]/personalities who support other aliases
 +
* Sending spoof e-mails and text messages from a fake person or mimicking a real person (to discredit, promote distrust, dissuade, deceive, deter, delay or disrupt)
 +
* Providing spoof online resources such as magazines and books that provide inaccurate information (to disrupt, delay, deceive, discredit, promote distrust, dissuade, deter or denigrate/degrade)
 +
* Providing online access to uncensored material (to disrupt)
 +
* Sending instant messages to specific individuals giving them instructions for accessing uncensored websites
 +
* Setting up spoof trade sites (or sellers) that may take a customer’s money and/or send customers degraded or spoof products (to deny, disrupt, degrade/denigrate, delay, deceive, discredit, dissuade or deter)
 +
* Interrupting (i.e., filtering, deleting, creating or modifying) communications between real customers and traders (to deny, disrupt, delay, deceive, dissuade or deter)
 +
* Taking over control of online websites (to deny, disrupt, discredit or delay)
 +
* Denial of telephone and computer service (to deny, delay or disrupt)
 +
* Hosting targets’ online communications/websites for collecting [[SIGINT]] (to disrupt, delay, deter or deny)
 +
* Contacting host websites asking them to remove material (to deny, disrupt, delay, dissuade or deter) 2.6 Some of JTRIG’s staff have conducted online [[HUMINT]] operations. Such operations typically involve establishing an online alias/personality who has a [[Facebook page]], and membership of relevant web forums, etc.}}
 +
 
 +
 
 
{{SMWDocs}}
 
{{SMWDocs}}
 
==References==
 
==References==
 
{{reflist}}
 
{{reflist}}

Latest revision as of 14:07, 5 May 2021

Group.png Joint Threat Research Intelligence Group   PowerbaseRdf-entity.pngRdf-icon.png
GCHQ-JTRIG-effects.png
A slide from a JTRIG presentation leaked by Edward Snowden
Parent organizationGCHQ
Typeintelligence agency
Interestscyberespionage, fake news
Subunit of GCHQ that uses deception, dirty tricks, fake news to discredit people on the internet to "deny, disrupt, degrade and deceive".

The Joint Threat Research Intelligence Group (JTRIG) is a unit of the Government Communications Headquarters (GCHQ), the UK intelligence agency.[1]

Discovery

The group became public knowledge after the Edward Snowden Affair as it is mentioned in documents he publicised.[2]

Mission

The scope of the JTRIG's mission includes using "dirty tricks" to "destroy, deny, degrade [and] disrupt" enemies by "discrediting" them, planting misinformation and shutting down their communications.[2][3] Known as "Effects" operations, the work of JTRIG had become a "major part" of GCHQ's operations by 2010.[4]

Activities

A document published by Glen Greenwald details a long list of software packages, some operational, some planned, for mass surveillance and other cyberespionage purposes.[5]

Documents leaked by Edward Snowden reveal that JTRIG use computer viruses to make people's computers unusable, including encrypting of deleting files or emails.[6][7]

A 2011 report on JTRIG activities lists some of the “cyber-techniques” used[8]:


JTRIG's campaigns fall into two broad categories: cyber attacks and propaganda. Propaganda efforts (referred to as Online Covert Action, "Online Coverage Action") use massive messaging and storytelling on social platforms Twitter, Flickr, Facebook and YouTube. The JTRIG also used "false flag" operations against certain targets. Likewise, he edited photos on social media, and sent emails and texts containing “shady information” to co-workers and neighbors of targeted people.

All of JTRIG’s operations are conducted using cyber technology. Staff described a range of methods/techniques that have been used to-date for conducting effects operations. These included:

  • Uploading YouTube videos containing “persuasive” communications (to discredit, promote distrust, dissuade, deter, delay or disrupt)
  • Setting up Facebook groups, forums, blogs and Twitter accounts that encourage and monitor discussion on a topic (to discredit, promote distrust, dissuade, deter, delay or disrupt)
  • Establishing online aliases/personalities who support the communications or messages in YouTube videos, Facebook groups, forums, blogs etc
  • Establishing online aliases/personalities who support other aliases
  • Sending spoof e-mails and text messages from a fake person or mimicking a real person (to discredit, promote distrust, dissuade, deceive, deter, delay or disrupt)
  • Providing spoof online resources such as magazines and books that provide inaccurate information (to disrupt, delay, deceive, discredit, promote distrust, dissuade, deter or denigrate/degrade)
  • Providing online access to uncensored material (to disrupt)
  • Sending instant messages to specific individuals giving them instructions for accessing uncensored websites
  • Setting up spoof trade sites (or sellers) that may take a customer’s money and/or send customers degraded or spoof products (to deny, disrupt, degrade/denigrate, delay, deceive, discredit, dissuade or deter)
  • Interrupting (i.e., filtering, deleting, creating or modifying) communications between real customers and traders (to deny, disrupt, delay, deceive, dissuade or deter)
  • Taking over control of online websites (to deny, disrupt, discredit or delay)
  • Denial of telephone and computer service (to deny, delay or disrupt)
  • Hosting targets’ online communications/websites for collecting SIGINT (to disrupt, delay, deter or deny)
  • Contacting host websites asking them to remove material (to deny, disrupt, delay, dissuade or deter) 2.6 Some of JTRIG’s staff have conducted online HUMINT operations. Such operations typically involve establishing an online alias/personality who has a Facebook page, and membership of relevant web forums, etc.


 

Related Quotation

PageQuoteAuthorDate
GCHQ“Among the core self-identified purposes of JTRIG are two tactics:

(1) to inject all sorts of false material onto the internet in order to destroy the reputation of its targets; and

(2) to use social sciences and other techniques to manipulate online discourse and activism to generate outcomes it considers desirable.”		Glenn Greenwald24 February 2014
Many thanks to our Patrons who cover ~2/3 of our hosting bill. Please join them if you can.


References

  1. http://www.bbc.co.uk/news/technology-26049448
  2. a b http://www.nbcnews.com/news/investigations/snowden-docs-british-spies-used-sex-dirty-tricks-n23091
  3. https://firstlook.org/theintercept/2014/02/24/jtrig-manipulation/
  4. https://www.theregister.co.uk/2014/02/07/snowden_documents_show_british_digital_spies_using_viruses_and_honey_traps/
  5. https://firstlook.org/theintercept/document/2014/07/14/jtrig-tools-techniques/
  6. https://www.theregister.co.uk/2014/02/07/snowden_documents_show_british_digital_spies_using_viruses_and_honey_traps/
  7. http://msnbcmedia.msn.com/i/msnbc/sections/news/snowden_cyber_offensive1_nbc_document.pdf
  8. https://theintercept.com/document/2015/06/22/behavioural-science-support-jtrig/
Retrieved from "https://wikispooks.com/w/index.php?title=Joint_Threat_Research_Intelligence_Group&oldid=210089"